A flaw was found in the way swiftonfile (gluster-swift) serialized and stored metadata on disk by using Python's pickle module. A remote, authenticated user could use this flaw to execute arbitrary code on the storage node.

A flaw was found in the way swiftonfile (gluster-swift) serializes and stores metadata on disk by using Python's pickle module (https://docs.python.org/2/library/pickle.html). Exploiting this flaw causes remote code execution of arbitrary code on the storage node.